We all know the internet is a scary place, but it just got a little bit scarier: A spambot has rounded up 711 million email addresses to use in a hacking scheme.
A security researcher in Paris, who uses the name Benkow, uncovered the bot, which is operating from a web server in the Netherlands. This multi-step process can be tricky to follow, but this is what you need to know.
Spam is annoying and sometimes hard to detect, which is why companies that offer email services have created spam filters. If you’re sick of getting emails from a Nigerian prince or promotions telling you you’ve won the sweepstakes, you can customize a filter on your email account that will block messages from certain email addresses.
The spambot, called Onliner, sends out spam using your stolen email address. Because the message is coming from a legitimate email address (yours), the spam filter won’t necessarily move it directly to the spam folder.
When an unsuspecting individual sees an email from a stranger but it’s not in the spam folder, they might be inclined to open it, and that’s when Onliner strikes. Once that person opens the file, Onliner sends malware to that computer, which then steals passwords, banking information, and personal details. Scary stuff, right?
And to make matters worse, the incoming messages have been disguised to look like they’re hotel reservations, shipping alerts from DHL, and even emails from government organizations.
So how can you know if your email has been stolen? Troy Hunt, a web security expert, runs a website called Have I Been Pwned, which notifies people when their information shows up in data breaches such as this one. If you want to know if your information has been stolen, you can visit the site and enter your email address.
Looking for a silver lining? According to Hunt, although that 711 million number is “technically accurate,” the real number of people affected is probably lower.